Latest
Where can I find useful logs for troubleshooting ForgeRock products?
The purpose of this article is to provide information on finding logs across ForgeRock products (AM, DS, IDM and IG) for troubleshooting purposes. This article shows default log locations, although most of them can be changed.
What Java versions are ForgeRock products supported on?
The purpose of this article is to provide information on the supported Java® versions across the ForgeRock platform (AM, DS, IDM and IG).
Log4j Security Advisory #202111
The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.
How do I check if IG (All versions) is up and running?
The purpose of this article is to provide a way to check if IG is up and running when it is behind a load balancer.
How do I trace transactions through the audit logs for troubleshooting across ForgeRock products?
The purpose of this article is to provide information on tracing transactions through the audit logs to help with troubleshooting across ForgeRock products. This article covers an IG → AM→ DS flow to demonstrate this usage and applies to all AM, DS and IG versions.
Checking your product versions are supported
The purpose of this article is to provide EOSL dates for the specific ForgeRock products and versions you are running so you can check that the version you are on is still supported. This also includes dates for Identity Cloud downloadable components.
SSLHandshakeException or ClassCastException when using an HSM and Java 11 with ForgeRock products
The purpose of this article is to provide assistance if you encounter an SSLHandshakeException or ClassCastException when using a Hardware Security Module (HSM) via the PKCS11 module with Java® 11 (11.0.1 to 11.0.5). This issue affects all ForgeRock products that are compatible with Java 11 (versions 6.5 and later of AM, DS, IDM and IG).
Java JDK Security Advisory #202109
ForgeRock are aware of a serious vulnerability in the implementation of certain cryptographic operations in Java JDK versions 15 and later. This affects Oracle® Java® and OpenJDK, including other JDKs derived from OpenJDK. You should follow the advice in this advisory to secure your deployments at the earliest opportunity.
Best practice for JVM Tuning with G1 GC
The purpose of this article is to provide best practice advice on JVM tuning with G1 GC; including understanding heap space and the available JVM options. This best practice advice applies to AM, DS, IDM and IG running on Java® 11. JVM tuning is not an exact science and will vary across individual environments and applications. Consistent load and stress testing of your environment will be the only true way to gauge the effect of changes made.
Best practice for JVM Tuning with CMS GC
The purpose of this article is to provide best practice advice on JVM tuning with CMS GC; including key symptoms, understanding heap space and GC logs. This best practice advice applies to AM, DS, IDM and IG running on Java® 8. JVM tuning is not an exact science and will vary across individual environments and applications. Consistent load and stress testing of your environment will be the only true way to gauge the effect of changes made.
Books
Security Advisories
This book provides security advisories for ForgeRock products (AM, DS, IDM and IG).
Platform compatibility
This book provides information on compatibility between ForgeRock products (AM, DS, IDM and IG).
Source code in ForgeRock products
This book provides information on source code and binaries in ForgeRock products (AM, DS, IDM and IG).
Troubleshooting IG
This book provides information on troubleshooting various issues in IG including collecting useful troubleshooting information such as logs, heap dumps and stack traces.
Performance tuning and monitoring ForgeRock products
This book provides information on performance tuning and monitoring ForgeRock products (AM, DS, IDM and IG).
Installing and configuring IG
This book provides information on installing and configuring IG including frequently asked questions.
SAML federation in IG
This book provides information on SAML federation in IG and includes help on configuring federation and debug logging.
Security Advisories
Log4j Security Advisory #202111
The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.
Java JDK Security Advisory #202109
ForgeRock are aware of a serious vulnerability in the implementation of certain cryptographic operations in Java JDK versions 15 and later. This affects Oracle® Java® and OpenJDK, including other JDKs derived from OpenJDK. You should follow the advice in this advisory to secure your deployments at the earliest opportunity.